Informationsteknik, kontorsutrustning

This document incorporates data structures used by all other data domains of Transmodel. It is composed of the following data packages:

versions and validity; 

responsibility; 

generic framework; 

reusable components; 

explicit frames referring to generic data. 

The data structures represented in this part are either generic patterns that can be explicitly reused in 

other domains (e.g., a generic model for version frames, a generic grouping mechanism, etc.) or are 

referenced by different other parts (e.g., service calendar model). 

This document itself is composed of the following parts: 

main document representing the data model for the concepts shared by the different domains covered by Transmodel (normative);

Annex A containing the data dictionary and attribute tables, i.e., the list of all the concepts 

present in the main document, together with their definitions (normative);  

Annex B, indicating the data model evolutions (informative), 

Annex C, presenting the Transmodel development history (informative), 

Annex D, describing all conventions, methodology and notations for conceptual modelling (informative), 

Annex E, providing a clear overview to help readers understand the core principles, structure, and purpose of Transmodel (informative), 

Annex F, providing information on the Functional domains and Modes of operation (informative). 

Annex G, providing details of the significant technical changes between this document and EN 12896-1:2015 (informative). 

1.1 In scope This document defines a Recommended Practice for Product Structure validation. The objective is to validate the product structure of data ingested, extracted or re-used by the archive. This document defines a method to uniquely identify each node in the product structure and to uniquely define the structure of each assembly node. 1.2 Out of scope This document will not provide validation properties for documents; CAD or other.

ISO/IEC 29146:2024 defines and establishes a framework for access management (AM) and the secure management of the process to access information and Information and Communications Technologies (ICT) resources, associated with the accountability of a subject within some context. ISO/IEC 29146:2024 provides explanations about related architecture, components and management functions and concepts, terms and definitions applicable to distributed access management. The subjects involved in access management might be uniquely recognized to access information systems, as defined in ISO/IEC 24760.

This standards shall provide specifications applicable to vulnerability handling processes, covering all relevant product categories, to be put in place by manufacturers of the products with digital elements. Those processes shall at least allow to: (a) identify and document vulnerabilities and components contained in the product, including by drawing up a software bill of materials in a commonly used and machinereadable format covering at the very least the top-level dependencies of the product; (b) in relation to the risks posed to the products with digital elements, address and remediate vulnerabilities without delay, including by providing security updates; where technically feasible, new security updates shall be provided separately from functionality updates; (c) apply effective and regular tests and reviews of the security of the product with digital elements; (d) once a security update has been made available, share and publicly disclose information about fixed vulnerabilities, including a description of the vulnerabilities, information allowing users to identify the product with digital elements affected, the impacts of the vulnerabilities, their severity and clear and accessible information helping users to remediate the vulnerabilities; in duly justified cases, where manufacturers consider the security risks of publication to outweigh the security benefits, they may delay making public information regarding a fixed vulnerability until after users have been given the possibility to apply the relevant patch; (e) put in place and enforce a policy on coordinated vulnerability disclosure; (f) take measures to facilitate the sharing of information about potential vulnerabilities in their product with digital elements as well as in third party components contained in that product, including by providing a standardised contact address for the reporting of the vulnerabilities discovered in the product with digital elements; (g) provide for mechanisms to securely distribute updates for products with digital elements to ensure that vulnerabilities are fixed or mitigated in a timely manner, and, where applicable for security updates, in an automatic manner; (h) ensure that, where security updates are available to address identified security issues, they are disseminated without delay and, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, free of charge, accompanied by advisory messages providing users with the relevant information, including on potential action to be taken.

This standard describes the requirements to be satisfied by domain-specific reference architectures that address entities of interest such as software, systems, enterprises, missions, systems of systems, families of systems, products (goods or services), product lines, service lines, technologies and business domains. The proposed standard will be universally applicable to — organizations seeking sustained success through the implementation of architecture practices, — organizations and interested parties seeking to improve communication through a common understanding of the vocabulary and concepts used in reference architectures, — organizations performing conformity assessments against the requirements of reference- architecture-related standards and specifications, — organizations that serve as certification authorities that will benefit from the use of reference architectures, — organizations that need to mandate use of reference architectures, — providers of reference architectures, guidelines, training, education, evaluation or recommendations in architecture practice, — developers of reference-architecture standards, reference models, and related tools/technologies, — users of reference architectures. The application areas of this standard include, but are not limited to, the following: artificial intelligence (AI), machine learning (ML), Internet of Things (IoT), cloud computing, big data, smart cities, smart manufacturing, cybersecurity, digital twin, telecommunications, aerospace, defense, banking, finance, insurance, energy, automotive, logistics, hospitality, healthcare, supply chain, transportation, manufacturing, agriculture, production, and infrastructure. The proposed deliverable is part of the ISO 42000 architecture standards (e.g., 42010, 42020, 42030).